Skip to main content

Month Archives: January 2011

Microsoft releases Security Advisory 2501696

Friday, January 28, 2011

Hello. Today we’re releasing Security Advisory 2501696, which describes a publicly disclosed scripting vulnerability affecting all versions of Microsoft Windows. The main impact of the vulnerability is unintended information disclosure. We’re aware of published information and proof-of-concept code that attempts to exploit this vulnerability, but we haven’t seen any indications of active exploitation.

More information about the MHTML Script Injection vulnerability

Friday, January 28, 2011

Today we released Security Advisory 2501696 to alert customers to a publicly disclosed vulnerability in the MHTML protocol handler. This vulnerability could allow attackers to construct malicious links pointing to HTML documents that, when clicked, would render the targeted document and reflected script in the security context of the user and target location.

Q&A from the January 2011 Security Bulletin Webcast

Thursday, January 13, 2011

Hello, Today we published the January Security Bulletin Webcast Questions & Answers page. We fielded five questions on various topics during the webcast. We invite our customers to join us for the next public webcast on Wednesday, February 9th at 11am PST (-8 UTC), when we will go into detail about the February bulletin release and answer questions live on the air.